Gabriel Badea, D. Monea and L. Sava, “Practical Benchmark of Open-Source MLOps Platforms: Comparing MLflow, Metaflow and ZenML Across Model Type,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208376.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208376

Abstract: This paper presents a comparison between three popular open-source MLOps frameworks: MLflow, Metaflow, and ZenML, studied in three real-world machine learning scenarios: extractive text summarization using a BERT-based model, image analysis using Res Net, and tabular data classification using Random Forest. The comparison was carried out by developing MLOps-enhanced versions of the baseline code using each studied framework, for each of the three models. Of the three frameworks studied MLflow is notable for its low level of integration: less than 1.2% additional runtime and less than 104 lines of additional code. Although ZenML requires about 208 additional lines and increases execution time by about 19.6%, traceability is significantly improved in exchange. Furthermore, Metaflow provides strong automatic artifact versioning, which adds approximately 195 additional lines of code and increases runtime by about 110.7%. Despite these variations, reproducibility was confirmed by the fact that all platforms maintained consistent model performance under the same conditions, within a margin of 0.1% (Table IV). Disk usage increased by about 220.4M× for MLflow, 220× for ZenML and 143.4Mx for Metaflow, these findings indicate that Metaflow provides thorough provenance at the cost of additional code and runtime overhead, ZenML strikes a reasonable balance between control and usability and MLflow is best suited for fast, low-overhead experiment tracking.

G. Badea, S. Pocris and D. Ţurcanu, “Temperance: Adversary Emulation Framework,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208385.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208385

Abstract: This paper introduces and develops Temperance, an adversary emulation framework, which can be used to quickly reproduce a C2 (Command and Control) infrastructure by red team operators for simulating a cyber operation. The agent implanted into the target communicates with the C2 server, from which the operator has full remote control of the host. The network traffic that this agent generates can be distinguished from a normal user-generated one when using a standard C2 approach because of the beaconing behavior. The solution introduced and developed by this paper uses a dynamic-size hops cluster. A hop facilitates communication between the agents and the server in a decentralized message-passing style instead of simple traffic forwarding, like a normal proxy. The server’s work has been delegated to the hops, requiring a lower number of active connections to be managed by it. This approach makes the infrastructure more fault-tolerant since the hop replacement is faster, simpler, and automatically. The operators can scale the operation since human intervention is needed less to maintain the infrastructure. Some defense techniques, like IP banning, become ineffective since the agents can use the remaining available hops from the cluster. To evaluate the solution, the network traffic of a normal user simulation, a baseline C2 server, and Temperance were captured to analyze the behavior. Two machine learning algorithms trained to detect the bea-coning behavior from the collected data were used to compare how well Temperance evades this detection.

Siminiuc and D. Ţurcanu, “The Silence of Systems: Risks of Algorithmic Nutritional Exclusion in Hyperconnected Economies,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208303.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208303

Abstract: The digitalization of nutrition has radically transformed how individuals monitor their dietary intake but has also introduced invisible algorithmic risks. This study investigates the algorithmic behavior of MyFitnessPal and Cronometer in response to simulated nutritional scenarios, using user profiles that display energy or micronutrient vulnerabilities. Based on an exploratory-comparative design, five simulated profiles (both female and male) with different weight-loss objectives were tested under controlled conditions, using traditional, chaotic, and standardized menus. The findings reveal a substantial difference between the two applications: MyFitnessPal exhibited a systematic algorithmic silence, failing to issue warnings even in cases of intake below 1000 kcal, while Cronometer blocked unsafe goals and explicitly flagged nutritional deficiencies. These insights highlight the critical need to integrate protective mechanisms and digital ethics into self-tracking apps, particularly for users lacking professional nutritional guidance. The study contributes to developing best practices for designing responsible algorithms with direct implications for public health in hyperconnected economies.

Resul, D. Turcanu and R. Rughinis, “A Comparative Analysis of LLMs in Mapping Malware Behaviors to MITRE ATT&CK Techniques from Textual Threat Intelligence Reports,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208322.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208322

Abstract: Cyber Threat Intelligence (CTI) Reports are valuable resources of information for understanding adversarial behaviors and malware functionalities. However, their lack of consistency and structure often results in a challenge for security analysts in interpreting, correlating and applying them effectively. Structuring the data in a common format, such as the MITRE ATT&CK v17.1 framework, is crucial for integrating CTI into detection and response processes. This article assesses the extent to which Large Language Models (LLMs) – GPT (OpenAI), Claude (Anthropic) and Gemini (Google) – can extract and map the malware description from natural language CTI reports to specific MITRE ATT&CK techniques. To achieve this, a set of publicly available CTI reports were used that already contained verified MITRE ATT&CK techniques labels. This served as ground truth for evaluating the outputs of each model. The performance of the LLMs was measured using standard evaluation metrics: Precision, Recall, and F1-score. While differences and mistakes were found in our models execution, such as technique confusion and context loss, the results indicate a strong potential in the use of LLMs for structured threat intelligence mapping. Their ability to reduce manual effort and improve consistency could address a major gap in today’s cyber threat analysis workflow.

Nitescu, A. Ouatu and D. Turcanu, “Evaluating Large Language Models Security and Resilience: A Practical Testing Framework,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208478.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208478

Abstract: Large Language Models (LLMs) are increasingly used in real-world applications, but as their capabilities grow, so do the risks of misuse. Despite their widespread adoption, the security of these models remains an area with many open questions. This paper explores these issues through a set of applied experiments carried out in a controlled environment designed for testing. A prototype application that allows demonstrating how an LLM security benchmarking tool could function in practice was designed. The application allows users to simulate attacks and assess the effectiveness of several defense strategies as in-context defense and paraphrase-based. The experimental results show notable differences between the tested methods. Some techniques were able to fully block attacks while maintaining the model’ ability to respond accurately to regular prompts. Our work paves the way for a more secure development of LLMs by evaluating their resilience to known attacks, while also providing a practical prototype that serves as a starting point for future research and can be extended to support more advanced evaluation methodologies in the context of security of generative AI systems.

Ş. Duţu, A. -R. Deaconescu and L. Peca, “Improving iOS Sandbox Profile Decompilation Accuracy,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208400.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208400

Abstract: Mobile devices have become ubiquitous, with iOS being the second most popular mobile operating system on the market [1]. One method iOS uses to ensure the security of its apps is through sandboxing. This mechanism is implemented as a set of rules compiled into binary files that lie inside the OS firmware and which are not made public by Apple. Thus, security engineers require third-party tools to decompile and then visualize the contents of the profiles mentioned above. This paper presents a validation framework for iOS sandbox profile decompilers, specifically targeting the SandBlaster tool. Our approach represents sandbox profiles as dependency graphs and compares decompiled profiles with reference implementations compiled from Sandbox Profile Language (SBPL) representations using SandScout. We evaluated our framework in iOS versions 7–10, analyzing both individual profiles and bundled profile collections. The results demonstrate 100% precision and recall for iOS 7–8 profiles, 90-100% for iOS 9, and 75-100% for iOS 10. We also optimised a performance bottleneck in SandBlaster’s node matching algorithm, reducing decompilation time from over 7 hours to under 5 minutes.

Chiper, D. Stanescu, T. Becheru and L. Peca, “Adversarial Attacks for Scripts,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-7, doi: 10.1109/RoEduNet68395.2025.11208410.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208410

Abstract: As the number of cyberattacks increases year by year, malware detection remains a pressing challenge, as tra-ditional methods are no longer sufficient due to the dynamic nature of the field. Machine learning comes as an improvement over traditional approaches, offering better detection capabilities, but it still comes with two main disadvantages: a lack of interpretability and vulnerability to adversarial attacks. In this study, we examined the effect of such attacks on a malware detector based on a CharCNN model. Using Grad-CAM, we identified the most influential character regions in both clean and malicious script samples. These relevant regions were then inserted into samples of the opposite class to generate adversarial examples. Our experiments demonstrate a significant drop in detection performance: the accuracy of the CharCNN model decreased from 99.24% to 85.31% on JavaScript files and from 98.48% to 78.66% on Python files following the attacks.

A. Maracine, D. -C. Tranca, R. -V. Rughinis and L. Sava, “Heterogeneous Communications in Industrial IoT: Trends, Challenges, and Opportunities,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208426.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208426

Abstract: The Industrial Internet of Things (IIoT) has in-troduced an unprecedented diversity of communication proto-cols that interconnect devices, systems, and applications across complex industrial environments. From lightweight messaging frameworks such as MQTT and CoAP to well-established stan-dards like DNP3, Modbus, and OPC UA, these protocols each bring distinct strengths-and their own limitations. This paper offers a comprehensive survey of the methods and technologies that enable heterogeneous communications in industrial IoT deployments. We examine how protocols differ in their technical characteristics, including scalability, reliability, determinism, and security, and discuss the practical challenges of integrating them in real-world scenarios. To provide clarity, we classify the protocols into categories that span publish-subscribe mes-saging, request-response architectures, and time-critical fieldbus and SCADA systems. Beyond simply cataloging the options, we also explore emerging trends toward protocol convergence and middleware solutions that aim to bridge the gap between operational technology (OT) and information technology (IT). Drawing on recent research and industrial case studies, this survey highlights both the progress and the persistent obstacles in building secure and interoperable IIoT communication infras-tructures. Ultimately, we hope this work will help practitioners and researchers navigate the evolving landscape of industrial connectivity and inspire new directions for more seamless and efficient integration.

A. Deonise, J. Kołodziej and F. Pop, “Parallel and Distributed Computation of High-Order Derivatives in Neural Networks Using Stochastic Taylor Derivative Estimator,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208395.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208395

Abstract: This paper presents a scalable framework for computing high-order derivatives in neural networks using the Stochastic Taylor Derivative Estimator (STDE) within parallel and distributed computing environments. Targeting Physics-Informed Neural Networks (PINNs), the work extends the the-oretical and practical applicability of STDE-a method based on univariate Taylor-mode automatic differentiation and ran-domized jet sampling by integrating it into the JAX ecosystem with distributed primitives like pmap and pjit. The imple-mentation achieves significant speedups and memory efficiency by decoupling the expensive tensorial computations typically associated with high-order derivatives. Experimental benchmarks on many-body Schrödinger demonstrate near-linear scalability and significant runtime improvements, achieving up to $6.86\times$ speedups over single-GPU baselines. Our results show that STDE, when combined with distributed computation, bridges a critical gap in scalable scientific machine learning by enabling efficient, high-order autodiff in massively parallel environments.

L. Spataru, C. Carabas and D. Turcanu, “A Multi – Agent Framework for Auditing Smart Contracts,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208388.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208388

Abstract: Smart contracts power a vast array of blockchain applications, securing billions of dollars on decentralized finance, but their immutable nature turns every vulnerability into a permanent exploitable liability. Although automated security tools can efficiently detect many issues, their high false positive rates and lack of trust still require manual audits, which are costly and introduce deployment delays. In this paper, we present an end to end AI augmented auditing framework that leverages a multi-agent pipeline for comprehensive vulnerability detection and automated exploit generation. First, we review existing approaches such as static analysis, fuzzing, symbolic execution, formal verification, and machine learning methods, highlighting their strengths, limitations, and real world deployment experience. Building on this survey, we introduce a multi agent architecture composed of a Distributor Agent, an Attack Planner Agent, an Exploit Generator Agent, and an Audit Report Generator Agent. The pipeline ingests smart contract source code, documen-tation, and test suites to outline stepwise attack strategies and synthesize ready to compile Solidity exploit code. Exploits are compiled and validated in a containerized environment, enabling automated verification of attack effectiveness. We outline a validation strategy for future work, more specifically, applying the pipeline to capture the flag challenges and online bug bounty platforms, and we describe plans for prompt fine tuning, retrieval augmented generation, and formal verification integration to further enhance detection accuracy and exploit reliability. Our proposed framework promises a more comprehensive, scalable, and cost effective approach to smart contract security verification.

Negru, B. -C. Mocanu, C. Negru and I. Petre, “Big Data Architecture for Automatic Transformation and Validation of Heterogeneous Geospatial Data Compliant with INSPIRE Directive,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208431.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208431

Abstract: Geospatial data playa fundamental role in decision-making processes within government entities, private sector organizations and in the context of natural resource management. The integration and harmonization of geospatial data from heterogeneous sources represents a significant challenge in the context of the implementation of the INSPIRE (Infrastructure for Spatial Information in Europe) Directive. The need for stan-dardization of geospatial data, both on a global scale and in the context of the INSPIRE Directive, is primarily driven by the need for interoperability, integration and efficient analysis of spatial information from different systems, formats and semantic structures. In this paper we propose a comprehensive and extensible architecture for the automatic transformation and harmonization of heterogeneous spatial data into INSPIRE-compliant formats, that ensures interoperability within the European infrastructure. Our solution is based on open-source technologies and tools and is validated using the official INPIRE Reference Validation tool.

S. Pătraşcu, M. K. Zahur Bajwa, C. Negru, B. -C. Mocanu and F. Pop, “Cloud-Edge Architecture for Audio Signal Classification Based on Mel Spectrograms,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208430.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208430

Abstract: Edge cloud applications have become vital as out-dated cloud architectures face challenges in handling increasing data volumes, especially for audio signals. This article reports on a simple edge cloud architecture for real-time environmental audio classification to improve indoor security and availability. Audio signals are captured at the edge layer using a Raspberry Pi, then converted into Mel spectrograms using the Librosa Python library, and subsequently transmitted to a cloud-hosted convolutional neural network (CNN) trained on the FSD50K dataset. The application achieves 84% overall accuracy with low latency, efficiently managing resource constraints, and scalability. This application presents real-time images and alerts, indicating the system’s ability to detect and support emergencies on time for hearing-impaired users (clients).

Severin, R. -C. Bisag, D. Ilinca, S. -O. David and D. Turcanu, “Satellite Data Integration Platform for Public Accessibility and Educational Use,” 2025 24th RoEduNet Conference: Networking in Education and Research (RoEduNet), Chisinau, Moldova, Republic of, 2025, pp. 1-6, doi: 10.1109/RoEduNet68395.2025.11208353.

URL: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11208353

Abstract: The continuous growth of the space industry and the increasing demand for satellite data across various sectors high-light the need for accessible and user-friendly data integration platforms. However, despite the availability of large volumes of open satellite data, significant barriers remain in making this data accessible to the general public, educators, and non-expert users. This research aims to define an optimal architecture for a satellite data integration platform that addresses these challenges. The platform is intended not only to improve public access to satellite mission data but also to support educational initiatives aimed at preparing future generations of space engineers and enthusiasts. The study identifies key system requirements through an analysis of current technological solutions, assessing factors such as scalability, performance, interoperability, and technical maturity. Based on this analysis, a set of appropriate technologies and frameworks is selected to form a cohesive architecture capable of delivering an intuitive and functional user experience. The research culminates in the development of a functional prototype that demonstrates the proposed solution’s viability, as well as its capacity to bridge the gap between complex satellite data infrastructures and educational or public-oriented applications.